- From: Matthew Miller via GitHub <noreply@w3.org>
- Date: Fri, 27 Feb 2026 23:26:54 +0000
- To: public-webauthn@w3.org
I think I should have defined earlier the virtual authenticator test cases I'm trying to support with these changes: 1. **Add Cred.** with `0`, returns `1` in next auth (i.e. security key that implements a signature counter) 1. **Add Cred.** with `0`, returns `0` in next auth (i.e. platform authenticator that does not implement a signature counter) 1. **Add Cred.** with `10`, returns `11` in next auth, **Set Cred. Props.** to `10`, returns `11` again in second auth (i.e. a cloned authenticator) Of these three, only the No. 1 is currently supported by the current Virtual Authenticator API. No. 2 would be addressed by the normative authenticator behavior change in this PR when `signCount` in Add Credential is `0`. Ah, but now I'm seeing that it would break the first scenario, which means it could break existing tests if RPs aren't paying attention to these changes. We'd have to suggest RPs update their current tests to set `signCount` to `1` when calling **Add Credential** to ensure the signature counter increments in subsequent auth responses, and then update signature counter test assertions accordingly. I guess this isn't that bad... No. 3 would be addressed by the addition of `signCount` to **Set Credential Properties**. Someone updating their tests to use this new value would just update downstream test logic accordingly, so I think this one's fine to introduce as-is. -- GitHub Notification of comment by MasterKale Please view or discuss this issue at https://github.com/w3c/webauthn/pull/2382#issuecomment-3975700301 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Friday, 27 February 2026 23:26:54 UTC